Purloined laptop contained data for 1,500 patients

July 01, 2011
by Brendon Nafziger, DOTmed News Associate Editor
Recent, high-profile hacking rampages notwithstanding, security experts always warn that many health care privacy breaches are more likely to occur from a laptop stolen out of someone's car than a malicious prankster remotely accessing files. And that's proven again by what appears to have happened recently in Tennessee.

PhyDdata LLC, a medical billing company based in Goodlettsville, Tenn., said a laptop stolen from an employee's car in May contained personal information from more than 1,500 patients from two local radiology practices and one anesthesiology group, the Tennessean reported Thursday.

[Read about the radiology servers gamers hacked to play Call of Duty: Black Ops.]

Patient information contained on the laptop, nabbed from the car's trunk as it was parked in a mall parking lot May 7, includes names, Social Security numbers, dates of birth and medical ID numbers.

Most of the stolen information comes from people who were patients with Advanced Diagnostic Imaging , Premier Radiology and Anesthesia Services Associates between Jan. 2009 and Dec. 2010, according to the paper.

However, PhyData spokeswoman Joy Sweeney said there's no evidence any of the information has been misused, the Tennessean reported. She said the company had set up a toll-free help line with Kroll Inc., and is offering identity-theft protection services to affected patients. The company's laptops are also now all encrypted and password protected, she said.